What should you do, if one of your author leaves the job with tons of posts written? You can choose to delete the account (by moving the posts to other account), but you should also remember that he/she had written ton of articles and you should still give credit to them. So the ideal way is to disable the user account and leave the posts in their name.

Or if someone is trying to Login to WordPress using Brute force method? Most of the WordPress accounts are hacked using Brute Force method and dictionary attacks, where the attacker can try as many invalid passwords before finding the correct one. So it is very important to lock down the user after the set number of invalid Login attempts.

Now the goal of this article is to tell you how to lock or disable WordPress user account after the set number of Invalid Login attempts.

Step 1 : Download the plugin called “User Locker” (link given at the bottom).

Step 2: Extract the download zip file and copy it to wp-content/plugins folder

Step 3: Browse to wp-admin and enable the Plugin.

Step 4: If you want to disable or Lock any user, just head on to Users > All users > Edit the user you wish to disable or lock.

Step 5: Scroll down to the bottom of the page and select “User account is locked for security reasons” check box and provide Lock reason (if you wish to display it on the Login page).

Step 6: If you want to disable any user account, then select “User account is disabled” check box and provide the disable reason (if you wish to display it on the Login page).

Hereafter the user account will be locked automatically after the set number of invalid login attempts. To enable the account, just Edit the user profile and uncheck “User account is locked for security reasons“. That’s it!